Merge pull request #3784 from dougm/vcsim-session-timeout

vcsim: Use OptionManager to configure session timeout duration

Author: akutz

cli/host/option/set.go

@@ -46,7 +46,8 @@ func (cmd *set) Description() string {
 
 Examples:
   govc host.option.set Config.HostAgent.plugins.solo.enableMob true
-  govc host.option.set Config.HostAgent.log.level verbose`
+  govc host.option.set Config.HostAgent.log.level verbose
+  govc host.option.set Config.HostAgent.vmacore.soap.sessionTimeout 90`
 }
 
 func (cmd *set) Run(ctx context.Context, f *flag.FlagSet) error {

cli/option/set.go

@@ -47,8 +47,11 @@ func (cmd *Set) Description() string {
 	return SetDescription + `
 
 Examples:
+  # Change log levels
   govc option.set log.level info
-  govc option.set logger.Vsan verbose`
+  govc option.set logger.Vsan verbose
+  # Increase vCenter session timeout to 90 minutes
+  govc option.set config.vmacore.soap.sessionTimeout 90`
 }
 
 func (cmd *Set) Update(ctx context.Context, f *flag.FlagSet, m *object.OptionManager) error {

govc/USAGE.md

@@ -3460,6 +3460,7 @@ Set option NAME to VALUE.
 Examples:
   govc host.option.set Config.HostAgent.plugins.solo.enableMob true
   govc host.option.set Config.HostAgent.log.level verbose
+  govc host.option.set Config.HostAgent.vmacore.soap.sessionTimeout 90
 
 Options:
   -host=                 Host system [GOVC_HOST]
@@ -5296,8 +5297,11 @@ Usage: govc option.set [OPTIONS] NAME VALUE
 Set option NAME to VALUE.
 
 Examples:
+  # Change log levels
   govc option.set log.level info
   govc option.set logger.Vsan verbose
+  # Increase vCenter session timeout to 90 minutes
+  govc option.set config.vmacore.soap.sessionTimeout 90
 
 Options:
 ```

session/keepalive/example_test.go

@@ -10,9 +10,10 @@ import (
 	"log"
 	"time"
 
-	"github.com/vmware/govmomi/session"
+	"github.com/vmware/govmomi"
 	"github.com/vmware/govmomi/session/keepalive"
 	"github.com/vmware/govmomi/simulator"
+	"github.com/vmware/govmomi/simulator/sim25"
 	"github.com/vmware/govmomi/vapi/rest"
 	"github.com/vmware/govmomi/vim25"
 )
@@ -23,14 +24,21 @@ var (
 	keepAliveIdle      = sessionIdleTimeout / 2
 )
 
-func init() {
-	simulator.SessionIdleTimeout = sessionIdleTimeout
-}
-
 func ExampleHandlerSOAP() {
-	simulator.Run(func(ctx context.Context, c *vim25.Client) error {
-		// No need for initial Login() here as simulator.Run already has
-		m := session.NewManager(c)
+	simulator.Run(func(ctx context.Context, vc *vim25.Client) error {
+		// Using the authenticated vc client, timeout will apply to new sessions.
+		sim25.SetSessionTimeout(ctx, vc, sessionIdleTimeout)
+
+		c, err := govmomi.NewClient(ctx, vc.URL(), true)
+		if err != nil {
+			return err
+		}
+		m := c.SessionManager
+
+		err = m.Login(ctx, simulator.DefaultLogin) // New session
+		if err != nil {
+			return err
+		}
 
 		// check twice if session is valid, sleeping > SessionIdleTimeout in between
 		check := func() {
@@ -53,7 +61,7 @@ func ExampleHandlerSOAP() {
 		// this starts the keep alive handler when Login is called, and stops the handler when Logout is called
 		c.RoundTripper = keepalive.NewHandlerSOAP(c.RoundTripper, keepAliveIdle, nil)
 
-		err := m.Login(ctx, simulator.DefaultLogin)
+		err = m.Login(ctx, simulator.DefaultLogin)
 		if err != nil {
 			return err
 		}
@@ -82,8 +90,11 @@ func ExampleHandlerSOAP() {
 
 func ExampleHandlerREST() {
 	simulator.Run(func(ctx context.Context, vc *vim25.Client) error {
+		// Using the authenticated vc client, timeout will apply to new sessions.
+		sim25.SetSessionTimeout(ctx, vc, sessionIdleTimeout)
+
 		c := rest.NewClient(vc)
-		err := c.Login(ctx, simulator.DefaultLogin)
+		err := c.Login(ctx, simulator.DefaultLogin) // New session
 		if err != nil {
 			return err
 		}

simulator/option_manager.go

@@ -27,11 +27,6 @@ type OptionManager struct {
 	mirror *[]types.BaseOptionValue
 }
 
-func asOptionManager(ctx *Context, obj mo.Reference) (*OptionManager, bool) {
-	om, ok := ctx.Map.Get(obj.Reference()).(*OptionManager)
-	return om, ok
-}
-
 // NewOptionManager constructs the type. If mirror is non-nil it takes precedence over settings, and settings is ignored.
 // Args:
 //   - ref - used to set OptionManager.Self if non-nil

simulator/session_manager.go

@@ -43,9 +43,6 @@ func (m *SessionManager) init(*Registry) {
 }
 
 var (
-	// SessionIdleTimeout duration used to expire idle sessions
-	SessionIdleTimeout time.Duration
-
 	sessionMutex sync.Mutex
 
 	// secureCookies enables Set-Cookie.Secure=true
@@ -361,12 +358,12 @@ func (c *Context) mapSession() {
 	}
 }
 
-func (m *SessionManager) expiredSession(id string, now time.Time) bool {
+func (m *SessionManager) expiredSession(id string, now time.Time, timeout time.Duration) bool {
 	expired := true
 
 	s, ok := m.getSession(id)
 	if ok {
-		expired = now.Sub(s.LastActiveTime) > SessionIdleTimeout
+		expired = now.Sub(s.LastActiveTime) > timeout
 		if expired {
 			m.delSession(id)
 		}
@@ -375,23 +372,29 @@ func (m *SessionManager) expiredSession(id string, now time.Time) bool {
 	return expired
 }
 
-// SessionIdleWatch starts a goroutine that calls func expired() at SessionIdleTimeout intervals.
+// SessionIdleWatch starts a goroutine that calls func expired() at timeout intervals.
 // The goroutine exits if the func returns true.
-func SessionIdleWatch(ctx context.Context, id string, expired func(string, time.Time) bool) {
-	if SessionIdleTimeout == 0 {
+func SessionIdleWatch(ctx *Context, id string, expired func(string, time.Time, time.Duration) bool) {
+	opt := ctx.Map.OptionManager().find("config.vmacore.soap.sessionTimeout")
+	if opt == nil {
 		return
 	}
 
+	timeout, err := time.ParseDuration(opt.Value.(string))
+	if err != nil {
+		panic(err)
+	}
+
 	go func() {
-		for t := time.NewTimer(SessionIdleTimeout); ; {
+		for t := time.NewTimer(timeout); ; {
 			select {
 			case <-ctx.Done():
 				return
 			case now := <-t.C:
-				if expired(id, now) {
+				if expired(id, now, timeout) {
 					return
 				}
-				t.Reset(SessionIdleTimeout)
+				t.Reset(timeout)
 			}
 		}
 	}()
@@ -423,7 +426,7 @@ func (c *Context) SetSession(session Session, login bool) {
 			Locale:    session.Locale,
 		})
 
-		SessionIdleWatch(c.Context, session.Key, m.expiredSession)
+		SessionIdleWatch(c, session.Key, m.expiredSession)
 	}
 }
 

simulator/sim25/client.go

@@ -0,0 +1,31 @@
+// © Broadcom. All Rights Reserved.
+// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
+// SPDX-License-Identifier: Apache-2.0
+
+package sim25
+
+import (
+	"context"
+	"time"
+
+	"github.com/vmware/govmomi/vim25"
+	"github.com/vmware/govmomi/vim25/methods"
+	"github.com/vmware/govmomi/vim25/types"
+)
+
+// SetSessionTimeout changes the default session timeout.
+func SetSessionTimeout(ctx context.Context, c *vim25.Client, timeout time.Duration) error {
+	// Note that real vCenter supports the same OptionValue Key, but only with a Value of whole seconds.
+	req := types.UpdateOptions{
+		This: *c.ServiceContent.Setting,
+		ChangedValue: []types.BaseOptionValue{
+			&types.OptionValue{
+				Key:   "config.vmacore.soap.sessionTimeout",
+				Value: timeout.String(),
+			},
+		},
+	}
+
+	_, err := methods.UpdateOptions(ctx, c, &req)
+	return err
+}

simulator/sim25/doc.go

@@ -0,0 +1,8 @@
+// © Broadcom. All Rights Reserved.
+// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
+// SPDX-License-Identifier: Apache-2.0
+
+/*
+Package sim25 contains vim25.Client helpers intended for use with vcsim.
+*/
+package sim25

vapi/simulator/simulator.go

@@ -524,12 +524,12 @@ func Decode(r *http.Request, w http.ResponseWriter, val any) bool {
 	return true
 }
 
-func (s *handler) expiredSession(id string, now time.Time) bool {
+func (s *handler) expiredSession(id string, now time.Time, timeout time.Duration) bool {
 	expired := true
 	s.Lock()
 	session, ok := s.Session[id]
 	if ok {
-		expired = now.Sub(session.LastAccessed) > simulator.SessionIdleTimeout
+		expired = now.Sub(session.LastAccessed) > timeout
 		if expired {
 			delete(s.Session, id)
 		}
@@ -538,6 +538,13 @@ func (s *handler) expiredSession(id string, now time.Time) bool {
 	return expired
 }
 
+func (s *handler) newContext() *simulator.Context {
+	return &simulator.Context{
+		Context: context.Background(),
+		Map:     s.Map,
+	}
+}
+
 func (s *handler) session(w http.ResponseWriter, r *http.Request) {
 	id := r.Header.Get(internal.SessionCookieName)
 	useHeaderAuthn := strings.ToLower(r.Header.Get(internal.UseHeaderAuthn))
@@ -560,7 +567,7 @@ func (s *handler) session(w http.ResponseWriter, r *http.Request) {
 		id = uuid.New().String()
 		now := time.Now()
 		s.Session[id] = &rest.Session{User: user, Created: now, LastAccessed: now}
-		simulator.SessionIdleWatch(context.Background(), id, s.expiredSession)
+		simulator.SessionIdleWatch(s.newContext(), id, s.expiredSession)
 		if useHeaderAuthn != "true" {
 			http.SetCookie(w, &http.Cookie{
 				Name:  internal.SessionCookieName,